//              it under the terms of the GNU General Public License as published
//              by the Free Software Foundation, either version 3 of the License,
//              or (at your option) any later version.
//
//              XOS-Shop is distributed in the hope that it will be useful,
//              but WITHOUT ANY WARRANTY; without even the implied warranty of
//              MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//              GNU General Public License for more details.
//
//              You should have received a copy of the GNU General Public License
//              along with XOS-Shop.  If not, see <http://www.gnu.org/licenses/>.
////////////////////////////////////////////////////////////////////////////////
// Admin page fragment: builds a per-combination stock list for one product.
// The listing is truncated inside the while loop below.
require 'includes/application_top.php';
// A template may ship its own PHP file for this page. If that file returns
// 'overwrite_all', the default implementation below is skipped entirely.
// The @ operator silences the warning emitted when no such file exists.
if (!(@(include DIR_FS_SMARTY . 'admin/templates/' . ADMIN_TPL . '/php/' . FILENAME_ATTRIBUTES_QTY_LIST) == 'overwrite_all')) {
    // NOTE(review): $_SESSION['language'] becomes part of a require path here;
    // confirm it is restricted to the installed language directories wherever
    // it is assigned.
    require DIR_FS_SMARTY . 'admin/languages/' . $_SESSION['language'] . '/' . FILENAME_CATEGORIES;
    // products_id comes from the query string and is cast to int before every use.
    if (xos_has_product_attributes((int) $_GET['products_id']) && STOCK_CHECK == 'true') {
        $product_query = xos_db_query("select attributes_quantity, attributes_not_updated from " . TABLE_PRODUCTS . " where products_status = '1' and products_id = '" . (int) $_GET['products_id'] . "'");
        $product = xos_db_fetch_array($product_query);
        $attributes_quantity = xos_get_attributes_quantity($product['attributes_quantity']);
        // Continue only when quantities are present and attributes_not_updated is empty.
        if (xos_not_null($attributes_quantity) && !xos_not_null($product['attributes_not_updated'])) {
            // Option ids and names for this product, in the language selected for the session.
            $opt_query = xos_db_query("select pa.options_id, po.products_options_name from " . TABLE_PRODUCTS_ATTRIBUTES . " pa, " . TABLE_PRODUCTS_OPTIONS . " po where pa.products_id = '" . (int) $_GET['products_id'] . "' and pa.options_id = po.products_options_id and po.language_id = '" . (int) $_SESSION['used_lng_id'] . "' order by pa.options_sort_order asc, pa.options_id asc");
            $opt_array = array();
            $opt_values_array = array();
            $opt_result_array = array();
            $opt_rows_array = array();
            $opt_out_array = array();
            $i = 0;
            $ii = 1;
            $option_id = '';
            while ($opt = xos_db_fetch_array($opt_query)) {
                // Rows are ordered by option, so an unchanged options_id means
                // this row belongs to the option seen on the previous row.
                if ($option_id == $opt['options_id']) {
Example #2
         if ($pop_size[1] > $pop_height) {
             $pop_height = $pop_size[1];
         }
     }
     if ($small_width_total > $pop_width) {
         $pop_width = $small_width_total;
     }
     $products_images_array = array();
     $i = 0;
     foreach ($products_image_name as $products_img_name) {
         $products_images_array[] = array('link_product_img' => xos_href_link(FILENAME_POPUP_IMAGE, 'pID=' . $product_info['products_id'] . '&img_name=' . rawurlencode($products_img_name['name'])), 'link_product_img_noscript' => xos_href_link(FILENAME_IMAGES_WINDOW, 'pID=' . $product_info['products_id'], 'NONSSL', true, false, false, false, false), 'href_to_product_img_large' => xos_href_link(DIR_WS_IMAGES . 'products/large/' . rawurlencode($products_img_name['name']), '', 'NONSSL', false, false, false, false, false), 'src_product_img_medium' => xos_href_link(DIR_WS_IMAGES . 'products/medium/' . rawurlencode($products_img_name['name']), '', 'NONSSL', false, false, false, false, false), 'product_img_medium' => xos_image(DIR_WS_IMAGES . 'products/medium/' . rawurlencode($products_img_name['name']), addslashes($product_info['products_name']), '0', '0'), 'i' => $i);
         $i++;
     }
     $smarty->assign(array('box_width' => (int) ($pop_width + 50), 'box_height' => (int) ($pop_height + $small_height + 55), 'products_images' => $products_images_array));
 }
 if (xos_has_product_attributes((int) $_GET['p'])) {
     // Start from the stored combination list, or an empty string when none is set.
     if (xos_not_null($product_info['attributes_combinations'])) {
         $combinations_string = $product_info['attributes_combinations'];
     } else {
         $combinations_string = '';
     }
     $attributes_quantity = xos_get_attributes_quantity($product_info['attributes_quantity']);
     // With stock checking on and checkout of unavailable items disallowed,
     // drop every combination whose recorded quantity is below 1.
     if (xos_not_null($attributes_quantity)
         && $combinations_string != ''
         && STOCK_CHECK == 'true'
         && STOCK_ALLOW_CHECKOUT == 'false'
     ) {
         $combination_elements = explode('|', $combinations_string);
         for ($i = 0, $n = count($combination_elements); $i < $n; ++$i) {
             if ($attributes_quantity[$combination_elements[$i]] < 1) {
                 unset($combination_elements[$i]);
             }
         }
         ksort($combination_elements);
         // The rebuilt list always ends with a trailing separator.
         $combinations_string = implode('|', $combination_elements) . '|';
     }
     $combi_str = '';
     $comb_str = '';
             $in_special_status = false;
             $out_special_status = true;
     }
     $special_expires_date_query = xos_db_query("select date_format(expires_date, '" . DATE_FORMAT_SHORT . "') as expires_date from " . TABLE_SPECIALS . " where products_id = '" . (int) $product['products_id'] . "' and customers_group_id = '" . (int) $customers_group['customers_group_id'] . "'");
     $special_expires_date = xos_db_fetch_array($special_expires_date_query);
     $customers_groups_array[] = array('name' => $customers_group['customers_group_name'], 'id' => $customers_group['customers_group_id'], 'toggle_name' => 'toggle_' . $customers_group['customers_group_id'], 'display' => $sizeof > 2 ? '' : 'display: none', $customers_group['customers_group_id'] == 0 ? '' : 'input_checkbox' => xos_draw_checkbox_field('option[' . $customers_group['customers_group_id'] . ']', 'option[' . $customers_group['customers_group_id'] . ']', $products_prices[$customers_group['customers_group_id']][0] ? true : false, '', 'onclick="updateChecked(\'' . $customers_group['customers_group_id'] . '\')"'), 'input_price' => xos_draw_input_field('products_price_' . $customers_group['customers_group_id'], $products_prices[$customers_group['customers_group_id']][0]['regular'], 'style="background: #fffffe;" size ="11" onkeyup="updateGross(\'products_price_' . $customers_group['customers_group_id'] . '\', \'products_price_gross_' . $customers_group['customers_group_id'] . '\')"'), 'input_price_gross' => xos_draw_input_field('products_price_gross_' . $customers_group['customers_group_id'], $products_prices[$customers_group['customers_group_id']][0]['regular'], 'style="background: #fffffe;" size ="11" onkeyup="updateNet(\'products_price_gross_' . $customers_group['customers_group_id'] . '\', \'products_price_' . $customers_group['customers_group_id'] . '\')"'), 'input_special_price' => xos_draw_input_field('products_special_price_' . $customers_group['customers_group_id'], $products_prices[$customers_group['customers_group_id']][0]['special'], 'style="background: ' . (in_array($customers_group['customers_group_id'], $error_groups) && !$products_prices[$customers_group['customers_group_id']][0]['special'] > 0 ? '#000000' : '#ffe1e1') . '; color : red;" size ="11" onkeyup="updateGross(\'products_special_price_' . $customers_group['customers_group_id'] . '\', \'products_special_price_gross_' . $customers_group['customers_group_id'] . 
'\')"'), 'input_special_price_gross' => xos_draw_input_field('products_special_price_gross_' . $customers_group['customers_group_id'], $products_prices[$customers_group['customers_group_id']][0]['special'], 'style="background: ' . (in_array($customers_group['customers_group_id'], $error_groups) && !$products_prices[$customers_group['customers_group_id']][0]['special'] > 0 ? '#000000' : '#ffe1e1') . '; color : red;" size ="11" onkeyup="updateNet(\'products_special_price_gross_' . $customers_group['customers_group_id'] . '\', \'products_special_price_' . $customers_group['customers_group_id'] . '\')"'), 'input_special_expires_date' => xos_draw_input_field('special_expires_date_' . $customers_group['customers_group_id'], $special_expires_date['expires_date'], 'id ="special_expires_date_' . $customers_group['customers_group_id'] . '" style="background: #ffffcc;" size ="10"'), 'radio_special_status_1' => xos_draw_radio_field('products_special_status_' . $customers_group['customers_group_id'], '1', $in_special_status), 'radio_special_status_0' => xos_draw_radio_field('products_special_status_' . $customers_group['customers_group_id'], '0', $out_special_status), 'price_breaks' => $price_breaks_array);
     unset($price_breaks_array);
     $update_gross_string .= 'updateGross(\'products_price_' . $customers_group['customers_group_id'] . '\', \'products_price_gross_' . $customers_group['customers_group_id'] . '\');' . "\n" . 'updateGross(\'products_special_price_' . $customers_group['customers_group_id'] . '\', \'products_special_price_gross_' . $customers_group['customers_group_id'] . '\');';
     $update_net_string .= 'updateNet(\'products_price_gross_' . $customers_group['customers_group_id'] . '\', \'products_price_' . $customers_group['customers_group_id'] . '\');' . "\n" . 'updateNet(\'products_special_price_gross_' . $customers_group['customers_group_id'] . '\', \'products_special_price_' . $customers_group['customers_group_id'] . '\');';
     if ($customers_group['customers_group_id'] != 0) {
         $update_checked_string .= 'updateChecked(\'' . $customers_group['customers_group_id'] . '\');';
     }
     $javascript .= "\n" . '$(function() {' . "\n" . '  $( "#special_expires_date_' . $customers_group['customers_group_id'] . '" ).datepicker({' . "\n" . '    changeMonth: true,' . "\n" . '    changeYear: true' . "\n" . '  });' . "\n" . '});' . "\n";
 }
 ////////////////////////////////////////
 $has_product_attributes = xos_has_product_attributes($_GET['product_ID']);
 if ($has_product_attributes) {
     $attributes = xos_db_query("select distinct pa.*, po.products_options_name, pov.products_options_values_name from " . TABLE_PRODUCTS_ATTRIBUTES . " pa, " . TABLE_PRODUCTS_OPTIONS . " po, " . TABLE_PRODUCTS_OPTIONS_VALUES . " pov where pa.products_id ='" . (int) $_GET['product_ID'] . "' and pa.options_id = po.products_options_id and pa.options_values_id = pov.products_options_values_id and po.language_id = pov.language_id and po.language_id = '" . (int) $_SESSION['used_lng_id'] . "' order by pa.options_sort_order, po.products_options_id, pa.options_values_sort_order, pov.products_options_values_name");
     $current_attributes_values_array = array();
     $attributes_values_array = array();
     while ($attributes_values = xos_db_fetch_array($attributes)) {
         if ($attributes_values['options_id'] != $options_id) {
             $options_id = $attributes_values['options_id'];
             $options_name = $attributes_values['products_options_name'];
         } else {
             $options_name = '';
         }
         $current_attributes_values_array[$attributes_values['products_attributes_id']] = array('value_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
         $attributes_values_array[] = array('option_name' => $options_name, 'value_name' => $attributes_values['products_options_values_name'], 'input_value_price' => xos_draw_input_field('value_price_' . $attributes_values['products_attributes_id'], $attributes_values['options_values_price'], 'style="background: #fffffe;" size ="11" onkeyup="updateGross(\'value_price_' . $attributes_values['products_attributes_id'] . '\', \'value_price_gross_' . $attributes_values['products_attributes_id'] . '\')"'), 'input_value_price_gross' => xos_draw_input_field('value_price_gross_' . $attributes_values['products_attributes_id'], $attributes_values['options_values_price'], 'style="background: #fffffe;" size ="11" onkeyup="updateNet(\'value_price_gross_' . $attributes_values['products_attributes_id'] . '\', \'value_price_' . $attributes_values['products_attributes_id'] . '\')"'), 'input_price_prefix' => xos_draw_input_field('price_prefix_' . $attributes_values['products_attributes_id'], $attributes_values['price_prefix'], 'style="background: #fffffe; text-align:center;" size ="1"'));
         $update_gross_string .= 'updateGross(\'value_price_' . $attributes_values['products_attributes_id'] . '\', \'value_price_gross_' . $attributes_values['products_attributes_id'] . '\');' . "\n";
         $update_net_string .= 'updateNet(\'value_price_gross_' . $attributes_values['products_attributes_id'] . '\', \'value_price_' . $attributes_values['products_attributes_id'] . '\');' . "\n";
Example #4
//              filename: categories.php
//
//              Released under the GNU General Public License
////////////////////////////////////////////////////////////////////////////////
// A template may replace this module with its own PHP file. If that file
// returns 'overwrite_all', the default code below is skipped. The @ operator
// silences the warning emitted when the override file does not exist.
if (!(@(include DIR_FS_SMARTY . 'admin/templates/' . ADMIN_TPL . '/php/includes/modules/new_product.php') == 'overwrite_all')) {
    // A pID in the query string means an existing product is being edited.
    $form_action = isset($_GET['pID']) ? 'update_product' : 'insert_product';
    // Empty defaults used to populate the form for a new product.
    $parameters = array('products_name' => '', 'products_p_unit' => '', 'products_info' => '', 'products_description' => '', 'products_url' => '', 'products_id' => '', 'products_quantity' => '', 'products_delivery_time_id' => '', 'products_sort_order' => '', 'products_model' => '', 'products_image' => '', 'products_price' => '', 'products_weight' => '', 'products_date_added' => '', 'products_last_modified' => '', 'products_date_available' => '', 'products_status' => '', 'products_tax_class_id' => '', 'manufacturers_id' => '', 'attributes_quantity' => '');
    if (isset($_GET['pID'])) {
        // pID is cast to int before it is placed in the SQL text.
        $product_query = xos_db_query("select products_id, products_quantity, products_delivery_time_id, products_model, products_image, products_price, products_sort_order, products_weight, products_date_added, products_last_modified, date_format(products_date_available, '" . DATE_FORMAT_SHORT . "') as products_date_available, products_status, products_tax_class_id, manufacturers_id, attributes_quantity, attributes_not_updated from " . TABLE_PRODUCTS . " where products_id = '" . (int) $_GET['pID'] . "'");
        $product = xos_db_fetch_array($product_query);
        // NOTE(review): $product is whatever the fetch returns when no row
        // matches pID; confirm objectInfo copes with that value.
        $pInfo = new objectInfo($product);
    } else {
        $pInfo = new objectInfo($parameters);
    }
    $products_image = xos_get_product_images($pInfo->products_image, 'all');
    $has_product_attributes = xos_has_product_attributes($pInfo->products_id);
    // Each list below starts with a "none" entry followed by the rows from the database.
    // NOTE(review): names and titles are stored as read from the database;
    // confirm they are HTML-escaped where the lists are rendered.
    $manufacturers_array = array(array('id' => '', 'text' => TEXT_NONE));
    $manufacturers_query = xos_db_query("select manufacturers_id, manufacturers_name from " . TABLE_MANUFACTURERS_INFO . " where languages_id = '" . (int) $_SESSION['used_lng_id'] . "' order by manufacturers_name");
    while ($manufacturers = xos_db_fetch_array($manufacturers_query)) {
        $manufacturers_array[] = array('id' => $manufacturers['manufacturers_id'], 'text' => $manufacturers['manufacturers_name']);
    }
    $delivery_times_array = array(array('id' => '', 'text' => TEXT_NONE));
    $delivery_times_query = xos_db_query("select delivery_times_id, delivery_times_text from " . TABLE_DELIVERY_TIMES . " where language_id = '" . (int) $_SESSION['used_lng_id'] . "' order by delivery_times_id");
    while ($delivery_times = xos_db_fetch_array($delivery_times_query)) {
        $delivery_times_array[] = array('id' => $delivery_times['delivery_times_id'], 'text' => $delivery_times['delivery_times_text']);
    }
    // Only tax classes that have at least one tax rate are offered.
    $tax_class_array = array(array('id' => '0', 'text' => TEXT_NONE));
    $tax_class_query = xos_db_query("select distinct tc.tax_class_id, tc.tax_class_title from " . TABLE_TAX_CLASS . " tc, " . TABLE_TAX_RATES . " tr where tc.tax_class_id = tr.tax_class_id order by tc.tax_class_title");
    while ($tax_class = xos_db_fetch_array($tax_class_query)) {
        $tax_class_array[] = array('id' => $tax_class['tax_class_id'], 'text' => $tax_class['tax_class_title']);
    }
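        case 'notify_remove':
            // Remove the logged-in customer's notification entry for product 'p'.
            // 'p' arrives in the query string, so it and the customer id are cast
            // to int before being concatenated into the SQL text; without the cast
            // a crafted value could change the select and delete statements.
            // NOTE(review): this deletes data on a GET request; confirm whether a
            // request token is verified before this switch is reached.
            if (isset($_SESSION['customer_id']) && isset($_GET['p'])) {
                $check_query = xos_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int) $_GET['p'] . "' and customers_id = '" . (int) $_SESSION['customer_id'] . "'");
                $check = xos_db_fetch_array($check_query);
                if ($check['count'] > 0) {
                    xos_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int) $_GET['p'] . "' and customers_id = '" . (int) $_SESSION['customer_id'] . "'");
                }
                xos_redirect(xos_href_link(basename($_SERVER['PHP_SELF']), xos_get_all_get_params(array('action'))));
            } else {
                // Not logged in (or no product given): remember the current page
                // and send the visitor to the login form.
                $_SESSION['navigation']->set_snapshot();
                xos_redirect(xos_href_link(FILENAME_LOGIN, '', 'SSL'));
            }
            break;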
        case 'cust_order':
            // For a logged-in customer: a product without attributes gets its cart
            // quantity raised by one; a product with attributes is redirected to its
            // product page instead.
            // NOTE(review): $_GET['pid'] is handed to the helpers as received;
            // confirm they validate or escape it before it reaches SQL or a URL.
            if (isset($_SESSION['customer_id'], $_GET['pid'])) {
                if (!xos_has_product_attributes($_GET['pid'])) {
                    $_SESSION['cart']->add_cart($_GET['pid'], $_SESSION['cart']->get_quantity($_GET['pid']) + 1);
                } else {
                    xos_redirect(xos_href_link(FILENAME_PRODUCT_INFO, 'p=' . $_GET['pid']));
                }
            }
            xos_redirect(xos_href_link($goto, xos_get_all_get_params($parameters)));
            break;
    }
}
// Count one view per request of the product info page: insert a row for this
// product and language, or increment products_viewed when the row exists.
// Both ids are cast to int before they enter the SQL text.
if (FILENAME_PRODUCT_INFO == basename($_SERVER['PHP_SELF'])) {
    xos_db_query(
        "insert into " . TABLE_PRODUCTS_STATS
        . " (products_id, language_id, products_viewed) values('"
        . (int) $_GET['p'] . "', '"
        . (int) $_SESSION['languages_id']
        . "', '1') on duplicate key update products_viewed = products_viewed+1"
    );
}
// include the who's online functions
if (!in_array(basename($_SERVER['PHP_SELF']), array(FILENAME_CSS, FILENAME_JS, FILENAME_TEST))) {
Example #6
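 /**
  * Merge the session cart with the logged-in customer's stored basket, then
  * drop every entry that can no longer be bought.
  *
  * Sequence:
  *  1. write the session cart into the basket table (insert or update);
  *  2. reload the cart from the basket table;
  *  3. empty the basket table for this customer and re-insert only entries
  *     whose product is active, whose attribute values still exist, whose
  *     combination is still listed and, when stock rules require it, whose
  *     combination is in stock;
  *  4. reload the cart again, run cleanup() and assign a fresh cart ID.
  *
  * Changes against the earlier version: each() (deprecated in PHP 7.2, removed
  * in PHP 8) is replaced by foreach, and the quantity is passed through
  * xos_db_input() before it is placed in SQL, like the product id already was.
  *
  * @return bool|null false when no customer is logged in; otherwise nothing.
  */
 function restore_contents()
 {
     if (!isset($_SESSION['customer_id'])) {
         return false;
     }
     // insert current cart contents in database
     if (is_array($this->contents)) {
         foreach (array_keys($this->contents) as $products_id) {
             $qty = $this->contents[$products_id]['qty'];
             $product_query = xos_db_query("select products_id from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' and products_id = '" . xos_db_input($products_id) . "'");
             if (!xos_db_num_rows($product_query)) {
                 xos_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $_SESSION['customer_id'] . "', '" . xos_db_input($products_id) . "', '" . xos_db_input($qty) . "', '" . date('Ymd') . "')");
             } else {
                 xos_db_query("update " . TABLE_CUSTOMERS_BASKET . " set customers_basket_quantity = '" . xos_db_input($qty) . "' where customers_id = '" . (int) $_SESSION['customer_id'] . "' and products_id = '" . xos_db_input($products_id) . "'");
             }
         }
     }
     $this->_reload_contents_from_basket();
     if (isset($_SESSION['customer_id'])) {
         xos_db_query("delete from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "'");
     }
     // update basket and cart based on the current product offering (begin)
     if (is_array($this->contents)) {
         foreach (array_keys($this->contents) as $products_id) {
             $check_basket = false;
             $qty = $this->contents[$products_id]['qty'];
             // The product must be active and sit in an active category or page.
             $product_check_query = xos_db_query("select p.products_id, p.attributes_quantity, p.attributes_combinations from " . TABLE_PRODUCTS . " p left join " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c on p.products_id = p2c.products_id left join " . TABLE_CATEGORIES_OR_PAGES . " c on p2c.categories_or_pages_id = c.categories_or_pages_id where c.categories_or_pages_status = '1' and p.products_status = '1' and p.products_id = '" . xos_db_input(xos_get_prid($products_id)) . "'");
             if (xos_db_num_rows($product_check_query) > 0) {
                 $product_check = xos_db_fetch_array($product_check_query);
                 $check_basket = true;
                 if (isset($this->contents[$products_id]['attributes'])) {
                     foreach ($this->contents[$products_id]['attributes'] as $option => $value) {
                         $attributes_check_query = xos_db_query("select count(*) as total from " . TABLE_PRODUCTS_ATTRIBUTES . " where options_id = '" . (int) $option . "' and options_values_id = '" . (int) $value . "' and products_id = '" . xos_db_input(xos_get_prid($products_id)) . "'");
                         $attributes_check = xos_db_fetch_array($attributes_check_query);
                         if ($attributes_check['total'] > 0) {
                             if (xos_not_null($product_check['attributes_combinations']) && strpos($products_id, '-') !== false) {
                                 list(, $attributes_string) = explode('-', $products_id);
                                 $combinations = explode('|', $product_check['attributes_combinations']);
                                 if (!in_array($attributes_string, $combinations)) {
                                     // The combination is no longer offered.
                                     $check_basket = false;
                                 } elseif (STOCK_CHECK == 'true' && STOCK_ALLOW_CHECKOUT == 'false') {
                                     $attributes_quantity = xos_get_attributes_quantity($product_check['attributes_quantity']);
                                     if ($attributes_quantity[$attributes_string] < 1) {
                                         $check_basket = false;
                                     }
                                 }
                             }
                         } else {
                             // The option/value pair no longer exists for this product.
                             $check_basket = false;
                         }
                     }
                 } elseif (xos_has_product_attributes($products_id)) {
                     // The product has attributes but the cart entry carries none.
                     $check_basket = false;
                 }
             }
             if ($check_basket) {
                 xos_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $_SESSION['customer_id'] . "', '" . xos_db_input($products_id) . "', '" . xos_db_input($qty) . "', '" . date('Ymd') . "')");
             }
         }
     }
     $this->_reload_contents_from_basket();
     // update basket and cart based on the current product offering (end)
     $this->cleanup();
     // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
     $this->cartID = $this->generate_cart_id();
 }

 /**
  * Helper for restore_contents(): clear the session cart (not the database)
  * and rebuild it from the customer's rows in the basket table.
  */
 function _reload_contents_from_basket()
 {
     // reset per-session cart contents, but not the database contents
     $this->reset(false);
     $products_query = xos_db_query("select products_id, customers_basket_quantity from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' order by customers_basket_id ");
     while ($products = xos_db_fetch_array($products_query)) {
         $this->contents[$products['products_id']] = array('qty' => $products['customers_basket_quantity']);
         // attributes: the part after '-' is split on '_' into "option,value" pairs
         if (strpos($products['products_id'], '-') !== false) {
             list(, $attributes_string) = explode('-', $products['products_id']);
             $attributes_values = explode('_', $attributes_string);
             for ($i = 0, $n = count($attributes_values); $i < $n; $i++) {
                 // array_pad keeps a pair without a comma from raising an undefined-offset notice.
                 list($key, $value) = array_pad(explode(',', $attributes_values[$i]), 2, null);
                 // Only numeric option and value ids are accepted.
                 if (is_numeric($key) && is_numeric($value)) {
                     $this->contents[$products['products_id']]['attributes'][$key] = $value;
                 }
             }
         }
     }
 }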